| Message ID | 1509211918-14829-2-git-send-email-u9012063@gmail.com |
|---|---|
| State | Changes Requested |
| Headers | show |
| Series | Fix clang static analysis null pointer bugs. | expand |
On Sat, Oct 28, 2017 at 10:31:48AM -0700, William Tu wrote: > Clang reports possible null pointer argument to the memcpy src. > This is due to at dp_packet_clone_data_with_headroom, the > dp_packet *b might have a NULL base due to allocating a dp_packet > with size = 0. Fix it by adding ovs_assert to satisfy clang. > > Signed-off-by: William Tu <u9012063@gmail.com> Thanks for working on this. If 'old_base' might really be null, because of some path into the function, then the most likely issue here is a very minor technical one: the C specification requires that the pointer arguments to memcpy() be nonnull even if the number of bytes to be copied is 0. Most actual implementations of memcpy() do nothing in that case, which is the expected result. In this case, in the situation where 'old_base' is null, I guess that the number of bytes to be copied should be 0. That means that, if this ever actually occurs, this patch will cause dp_packet_copy__() to assert-fail instead of doing nothing. That is not an improvement. The right solution is probably to use nullable_memcpy() instead of memcpy(). Thanks, Ben.
diff --git a/lib/dp-packet.c b/lib/dp-packet.c index 443c22504379..f48e195a51d2 100644 --- a/lib/dp-packet.c +++ b/lib/dp-packet.c @@ -222,6 +222,7 @@ dp_packet_copy__(struct dp_packet *b, uint8_t *new_base, size_t copy_headroom = MIN(old_headroom, new_headroom); size_t copy_tailroom = MIN(old_tailroom, new_tailroom); + ovs_assert(old_base); memcpy(&new_base[new_headroom - copy_headroom], &old_base[old_headroom - copy_headroom], copy_headroom + dp_packet_size(b) + copy_tailroom);
Clang reports possible null pointer argument to the memcpy src. This is due to at dp_packet_clone_data_with_headroom, the dp_packet *b might have a NULL base due to allocating a dp_packet with size = 0. Fix it by adding ovs_assert to satisfy clang. Signed-off-by: William Tu <u9012063@gmail.com> --- lib/dp-packet.c | 1 + 1 file changed, 1 insertion(+)